Contact us today!
(954) 575-3992
facebook linkedin Business Solutions & Software Group RSS Feed

Michael DeMarco

Business Solutions & Software Group has been serving the Coral Springs area since 2005, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Bad Rabbit Ransomware Strikes Targets in Eastern Europe

Bad Rabbit Ransomware Strikes Targets in Eastern Europe

In yet another widespread ransomware attack, Eastern European countries saw an assortment of their critical establishments and infrastructures struck by an infection known as Bad Rabbit. Government buildings, media establishments, and transportation centers were among the targets of this attack.

Focused in Russia and Ukraine but also spotted in Bulgaria, Germany, and Turkey, Bad Rabbit shut down Russia’s Interfax Agency--a major news outlet--as well as Ukraine’s Kiev Metro, the Odessa International Airport, and both the Ministry of Infrastructure and the Ministry of Finance. The attack on Kiev Metro was found to leverage Diskcoder.D, yet another variant of the infamous Petya ransomware.

Fortunately, there is a considerably lesser chance of Bad Rabbit repeating what WannaCry managed to accomplish during its spread across Europe and, to a lesser extent, North America. This is because, instead of relying on a worm as WannaCry did, Bad Rabbit uses a server message block vulnerability called EternalRomance to spread, after being downloaded while disguised as an Adobe Flash installer on legitimate websites. It would also appear that Bad Rabbit and NotPetya (another significant ransomware attack) were deployed by the same threat actor, as 67 percent of their codebases are the same.

There is also evidence that this threat actor is a Game of Thrones fan, as the code strings used in Bad Rabbit include character names from the novels and television series.

Unfortunately, Bad Rabbit should not have been able to spread as far as it has, as Microsoft released a patch for EternalRomance in March, when the EternalBlue vulnerability was also patched. This makes this attack yet another example of why it is crucial to install patches and updates when they are released--if the organizations affected by Bad Rabbit had done so, they would not be in the position they are now.

Business Solutions & Software Group can help you make sure that your systems are not left vulnerable to attacks like this by managing your patches and updates for you. Reach out by calling (954) 575-3992 for more information.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, 23 November 2024
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Latest News

Our Site Has Launched!

flag

Welcome to Our New Site!
We are proud to announce the unveiling of our new website at Business Solutions & Software Group!

Read more...

Contact Us

Learn more about what Business Solutions & Software Group can do for your business.

callphone

Call us today    (954) 575-3992

10211 W Sample Road
Suite 114
Coral Springs, Florida 33065

facebook linkedin #